SANS ISC InfoSec Forums

Indications are that the ServerProtect exploit is against an older vulnerability from earlier this year, February 2007. This vulnerability was patched previously. The vulnerability appears to be "vulnerabilty one" in this advisory: http://dvlabs.tippingpoint.com/advisory/TPTI-07-02

But this does indeed appear to be a new exploit, thus machines are being actively compromised if they haven't been patched.